maietta
commented
8 months ago I have a problem with login page and it's not solved by this issue. I'm getting constantly error "1105 : Invalid credentials" and it doesn't let me to login!Originally posted by @0xShervin in #277 (comment)
I mentioned this earlier and I think someone is sniffing my network and I can't access to it! Why SSL/TLS is not implemented by default and It's not completely encrypted?
Perhaps you should connect to a different network to perform your task to rule this out.
SSL is not enabled by default on a fresh CapRover install. If you are suspecting the symptoms of MITM attack on your network involving your device, such as a TLS downgrade attack or fake cert injection, etc, then there are steps you can take to mitigate these issues but remember, they are beyond the scope of this project.
I HIGHLY recommend you try connecting to another network to rule out a MITM attack if you are suspecting this. Note, this is also extremely unlikely.
If you connect to your server via SSH, you can still reset your password immediately even on a compromised network. Just don't log into the server until you are on a safe network that you can trust, also being mindful that your own computer is trustworthy.
githubsaturn
Originally posted by @0xShervin in https://github.com/caprover/caprover/issues/277#issuecomment-1908501899
I mentioned this earlier and I think someone is sniffing my network and I can't access to it! Why SSL/TLS is not implemented by default and It's not completely encrypted?